Microsoft fixed a Microsoft Entra ID flaw where the Agent ID Administrator role could enable privilege escalation and account takeover. Microsoft addressed a flaw in Microsoft Entra ID that... Read more »
Osservatorio Nessuno uncovered Morpheus spyware spreading via fake Android apps to steal data, highlighting rising covert surveillance tools. The non-partisan, non-religious, nonprofit organization Osservatorio Nessuno exposed a new spyware... Read more »
NCSC’s SilentGlass blocks malicious HDMI/DisplayPort links, protecting monitors from hardware attacks. Now commercialized for global use. The UK’s National Cyber Security Centre (NCSC) has launched SilentGlass, a new device... Read more »
Bank pays out compensation to more customers and reveals expansion of affected group Read more »
Cybersecurity researchers have warned of malicious images pushed to the official “checkmarx/kics” Docker Hub repository. In an alert published today, software supply chain security company Socket revealed that unknown... Read more »
Medtronic confirmed a breach of its IT systems after ShinyHunters claimed the theft of over 9 million records. Medtronic confirmed a cyberattack on its corporate IT systems after the... Read more »
Everything is dumb again. This week feels broken in a very familiar way. Old tricks are back. New tools are doing shady crap. Supply chains got hit. Fake help... Read more »
BrowserGate claims LinkedIn secretly fingerprints users via extensions and device data, sending encrypted results to third parties for tracking. BrowserGate is an investigation conducted by Fairlinked (https://browsergate.eu/), an association... Read more »
A Chinese national posed as a U.S. researcher, tricking NASA staff in a phishing campaign to steal sensitive data tied to defense software and exports. A Chinese national ran... Read more »
The Computer Weekly Security Think Tank considers the intersection of AI and IAM. In this article, we explore the shift from identity management to identity intelligence. Read more »
